Ethereum Network Survives Deliberate Attack Impacting Parity Nodes
Many analysts have opined that the Ethereum (ETH) network was the main target of a coordinated attack, after some Parity Ethereum nodes went out of sync with the network on December 31.
In this regard, core blockchain framework firm Parity Technology stated that it felt that there was an assault going on and therefore initiated network upgrades to safeguard against the perceived attack.
As per Sergio Demian lerner, a cryptocurrency security consultant, the assault was initiated in a simple manner, wherein “you send to a Parity node a block with invalid transactions, but valid header (borrowed from another block). The node will mark the block header as invalid and ban this block header forever but the header is still valid.”
Liam Aharon, a software programmer, assessed the attack and concluded that it was powerful enough to bring the entire network down. Aharon further stated that Ethereum could become target of more attacks in the forthcoming year.
The attack is simple: you send to a Parity node a block with invalid transactions, but valid header (borrowed from another block)
The node will mark the block header as invalid and ban this block header forever but the header is still valid.— Sergio Demian Lerner (@SDLerner) December 31, 2019
1/ Ethereum overcame an intentional attack today on NYE which came close to taking down the entire network.
I’d like talk about the attack and why it wasn’t successful, but also why I worry Ethereum may become much more vulnerable to similar attacks in 2020. https://t.co/cp5P9wLj5Z
— Liam Aharon (@liamaharon) December 31, 2019
According to Aharon, the attack was not successful to knock down the entire network as it has a client, nicknamed Geth, which is resistant to such attacks.
Nevertheless, taking into consideration Parity’s plan to shift Parity Ethereum to a DAO ownership and maintainer structure, Geth may turn out to be the only perfectly maintained client this year.
Aharon pointed out that it could destroy the network. He said “If this scenario came true, attacks similar to today’s would devastate the network, instead of just being inconvenient.”
6/ Maintaining a client is HARD, I’m concerned that with less resources behind Parity Ethereum we may see Geth become the only well maintained client in 2020.
If this scenario came true, attacks similar to today’s would devastate the network, instead of just being inconvenient.
— Liam Aharon (@liamaharon) December 31, 2019
Last year, Parity has rolled out numerous updates aimed at resolving node vulnerability. In March 2019, Parity CEO Jutta Steiner stated that the latest controversial Create2 Ethereum function would have stopped the Parity multisig freeze, after a user “accidentally killed” the Parity multisig library by triggering a vulnerability to turn into the library owner and then making it self-destruct.
In May 2019, international hacking study center SRLabs asserted that only two-thirds of Ethereum client software that functioned on Ethereum nodes had undergone an update to resolve a crucial security issue identified earlier this year.
The info supposedly pointed out that Parity nodes which had not undergone an update constitutes 15% of total scanned nodes. This means 15% of total Ethereum nodes are susceptible to a possible 51% attack.
Notably, on December 29, IOTA crypto token holders were unable to carry out any transaction for almost a day after an unusual group of trades, perceived as an attack, froze the mainnet.
The IOTA Foundation stressed that the scenario was not triggered by any changes to software or any other elements of the network, but actually took place due to the “absence of transaction processing logic for an unusual set of transactions.”
Earlier in December, BitPay, popular cryptocurrency payment processor, affirmed that its Bitcoin (BTC) processing service went offline temporarily.
AuthorKelly Cromley
Kelly is our in house crytpto researcher, delving into the stories which matter from blockchains being used in the real world to new ico coming out.
